So this is a bit unusual. Advanced Spine & Pain Center in San Antonio notified its patients on September 25 following two concerning events that may or may not be related. The first involved some patients receiving phone calls asking them to pay outstanding balances. As part of investigating that incident, ASPC discovered that their server…
Category: Breach Incidents
Kentucky lawmaker files bill to help victims of data breaches
Mark Vanderhoff reports: A state lawmaker said the Equifax data breach affected 40 percent of Kentuckians. Sen. Morgan McGarvey announced proposed legislation to help those victims at the Louisville headquarters of the AARP. […] The bill requires companies to provide victims with: A free credit freeze. Five years of credit monitoring. Three free credit reports…
Cloudy with a chance of PHI leaks
Maybe we should do this one as a “write your own headline” exercise. Earlier this week, Kromtech Security reported that they had uncovered yet another improperly secured AWS S3 bucket that was exposing protected health information. The company that was responsible for the collection of the home monitoring data, Patient Home Monitoring, was exposing what…
No holds barred? TheDarkOverlord threatens students with physical violence to send FBI a message to back off
DataBreaches.net has been reporting on TheDarkOverlord (TDO) since they first burst on the scene in June, 2016. Since then, this site has reported on numerous attacks by them on health care entities, financial and business entities, a Hollywood post-production studio, and a defense contractor. Now they have begun to target the education sector, and an official at the…
Office of the Australian Information Commissioner seeks your comment
Notifiable Data Breaches We are currently seeking public comment on the following draft resources: What to include in an eligible data breach statement Notifiable Data Breach statement Exceptions to notification obligations Guide to OAIC Privacy Regulatory Action – Chapter 9: Data breach incidents Assessing a suspected data breach Please provide any comments by 23 October…
Data breach at Toms River police headquarters
Erik Larsen reports: The township plans to notify about 3,700 people that their personal information may have been compromised by a data breach inside the Police Department over the summer, said Chief Mitch Little. Toms River’s chief of police said his department first discovered a problem on Aug. 2, when its computer assisted dispatch server…